Cars Being Stolen With Keyless Entry
If car owners throw their keys on the table or at their door, they may not realize that they are allowing thieves to steal their signal. This relay attack is a highly-tech method criminals use to steal keyless vehicles.
Keyless ignition cars emit an extremely low-power radio signal, in search of a fob to respond. If the signal can be recorded and recreated, it can be used unlock the car and start it.
Relay Attack
Imagine your car safely at your driveway, with your key fob at home. You're confident that your vehicle is safe, but not seen by you, sophisticated thieves are plotting an attack. Instead of slamming windows or jiggling locks, thieves are using technology to hack into cars via digital chinks in their armor. Also known as relay theft, it's a more popular method of stealing cars that have keyless entry.
The keyless entry system in cars is controlled by a signal sent by the car's radio transmitter to the key fob. To stop unauthorized keyless entry the RF transmitters on the key fob and car are programmed to activate only when they're within certain distance from one another. However, thieves can bypass this limitation with a technique called the 'relay attack'.
To do so two people work in tandem one is positioned by the car with the device that captures a digitized version of the key fob's signal. The other, in the vicinity of the home of the owner and using a second device to transmit the key fob's signal to the car. This trickery fools the car into believing the key fob has reached a distance sufficient to allow the vehicle to start and unlock. vehicle.
In the past, this kind of heist required expensive equipment to carry out. Today, you can purchase an inexpensive relay transmitter online and pull off an heist in just a few minutes. This is the reason it's popular among car thieves.
While some cars are less prone to this type of theft than others, all modern cars that have keyless entry are vulnerable. In fact researchers have tested 237 popular cars and found that they could be targeted by this method.
Tesla vehicles are believed to be less prone to this kind of theft. However, the company hasn't yet implemented UWB technology to allow it to perform distance checks and stop relay attacks. The company has said it will implement this feature in the near future, but until then they are vulnerable. Installing an anti-theft system that safeguards your keys and your car against such a threat is a proactive way to ensure the security of your vehicle.
CAN Injection Attack
Modern cars can protect themselves against thieves by sending encrypted messages to the key to confirm its authenticity. The system is considered to be secure, but thieves have found ways to get around it. They just impersonate the smart key and send messages to the vehicle letting it unlock the doors, turn off its engine immobilizer, and then go on their way. To do this they gain access to the smart key's internal communication network.
These days, most cars are equipped with between 20 to 200 electronic control units (or ECUs) that control various aspects of the car's operation. They communicate using the CAN bus network. To ensure that power consumption is low they ECUs go into sleep mode with low power that is activated when they receive a wake up frame. These frames are typically sent by the ECU that is in charge of the smart key or door. These messages aren't always encrypted or authenticated. This means that thieves can take them over with the use of a cheap and simple device.
They search for a spot where they can connect directly to the CAN connection wires. They usually hide in the headlights or in other places in the front of the vehicle. To get them, you must remove the bumper and make holes in the headlamp assemblies. The criminals then employ a device dubbed an CAN injection attacker to send fake messages that trick the car's security systems into unlocking it and car stolen with keys inside disengaging the engine immobilizer.
The devices are available for purchase on the Dark Web, and work for the majority of major car makers, including BMW, Cadillac, Chrysler, Fiat, Ford, Honda, Hyundai, Jaguar, Jeep, Lexus, Nissan, Renault, Toyota, Volkswagen, Maserati, and more. The researchers who discovered this CAN Injection attack are recommending that all car makers fix the issue in their current models, but the fact is that these thieves will continue to grab whatever they can get their hands on. We can stop this by implementing mechanical safety measures, such as Discloks inside all of our cars and parking them in well-lit, visible areas.
Blocking the Signal
In a different variation of the relay attack, thieves can employ a device to block the signal from the key fob when the car is locked. The device could be in the pocket of a thief in a parking lot or in a hiding spot near the driveway being targeted. Once the owners hit the lock button on their fobs, and then walk away and leave, they don't have to think about whether or not the car is really locked. The device used by the criminal block the signal that locks the vehicle. Therefore, thieves can escape with the car.
The crooks also make use of devices to amplify the key fob's signals to unlock vehicles. They can even do this when the key is in the driver's pocket or hanging from its hook in the home. When the car is locked, they can use a standard computer hacker to program an unlocked key fob to gain control over the vehicle.
To guard against this kind of attack, car makers have developed a variety of anti-theft devices. However, thieves will always come up with new ways to beat these measures.
They've started using devices that transmit at the same frequency as remote keyfobs to intercept signals. The thieves can then copy the key fob's unlock code and then start the car with this fake signal.
This technique is especially popular in the US and Europe where a lot of automobiles are equipped with wireless technology that allows owners to unlock and start their vehicles using a mobile app on their smartphone. This technology will likely become more popular as more companies attempt to connect their cars to their owners smartphones.
In addition to installing anti-theft technologies in vehicles, it's important for drivers to follow the best practices when they park their cars. It is not a good idea to leave keys in the ignition, and should always ensure that the car is fully locked when they're not there and should use an engine or steering wheel lock if possible. They should also think about installing a tracking device to their car in the event it gets stolen.
Flat Battery
This kind of attack occurs more often than most people realize. Thieves make use of cheap devices to extend the signal from your key fob to open and start a car even when it's shut off. Then they drive the vehicle to the trailer or around a corner, and take it away. Installing an interruption switch to the starter circuit would protect your car against this. The most basic ones have an ON/OFF switch which interrupts the starter circuit. It is priced at around $15 and is easy to install.
Car thieves are always seeking new ways to take vehicles. Police, car manufacturers and insurance companies are always trying to stay abreast of the latest techniques and offer better anti theft systems for modern vehicles. However, that doesn't stop thieves who are able adapt quickly and find ways to circumvent the most recent anti-theft measures.
Many thieves block the signal using devices that use the same radio frequency of the fob. They place the device in their pocket or near their vehicle, and it blocks the fob's lock command from reaching the vehicle and thereby leaving it unlocked. This can be done within minutes. The device is inexpensive and is available online.
Another option is to hack into the car's computer system. This is more difficult but it is still possible. All cars have an diagnostic port, and hackers have created devices that connect to them and let them access the car's software. From there, they can program a blank key fob and make it work. It is possible to do this on older vehicles too however it is more difficult without taking out the ignition.
This method could become more popular if more vehicles are connected to drivers' mobile phones. Once a criminal has the username and password to a vehicle app they can open or start the vehicle with the application. Fortunately, you can be safe from these kinds of attacks by not leaving valuables in your car and parking it in a secure garage or parking lot.